From: Ben Gras Date: Fri, 16 Jul 2010 00:11:16 +0000 (+0000) Subject: libutil - sha1 functions. X-Git-Tag: v3.1.8~221 X-Git-Url: http://zhaoyanbai.com/repos/rndc.html?a=commitdiff_plain;h=feaa082ea8b552804b80c691d96a80878b2e8430;p=minix.git libutil - sha1 functions. --- diff --git a/include/minix/sha1.h b/include/minix/sha1.h new file mode 100644 index 000000000..e56234cfa --- /dev/null +++ b/include/minix/sha1.h @@ -0,0 +1,31 @@ +/* $NetBSD: sha1.h,v 1.6 2008/10/08 14:28:14 joerg Exp $ */ + +/* + * SHA-1 in C + * By Steve Reid + * 100% Public Domain + */ + +#ifndef _NBCOMPAT_SYS_SHA1_H_ +#define _NBCOMPAT_SYS_SHA1_H_ + +#include + +#define SHA1_DIGEST_LENGTH 20 +#define SHA1_DIGEST_STRING_LENGTH 41 + +typedef struct { + uint32_t state[5]; + uint32_t count[2]; + unsigned char buffer[64]; +} SHA1_CTX; + +void SHA1Transform(uint32_t state[5], const unsigned char buffer[64]); +void SHA1Init(SHA1_CTX *context); +void SHA1Update(SHA1_CTX *context, const unsigned char *data, unsigned int len); +void SHA1Final(unsigned char digest[20], SHA1_CTX *context); +char *SHA1End(SHA1_CTX *, char *); +char *SHA1File(char *, char *); +char *SHA1Data(const unsigned char *, size_t, char *); + +#endif /* _NBCOMPAT_SYS_SHA1_H_ */ diff --git a/lib/libutil/sha1.c b/lib/libutil/sha1.c new file mode 100644 index 000000000..53269bc83 --- /dev/null +++ b/lib/libutil/sha1.c @@ -0,0 +1,295 @@ +/* $NetBSD: sha1.c,v 1.8 2008/10/06 12:36:20 joerg Exp $ */ +/* $OpenBSD: sha1.c,v 1.9 1997/07/23 21:12:32 kstailey Exp $ */ + +/* + * SHA-1 in C + * By Steve Reid + * 100% Public Domain + * + * Test Vectors (from FIPS PUB 180-1) + * "abc" + * A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D + * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" + * 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1 + * A million repetitions of "a" + * 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F + */ + +#define SHA1HANDSOFF /* Copies data before messing with it. */ + +#if defined(_KERNEL) || defined(_STANDALONE) +#include +#include +#include +#define _DIAGASSERT(x) (void)0 +#else +#if 0 +#include "namespace.h" +#endif +#include +#include +#include +#include +#endif + +#if HAVE_NBTOOL_CONFIG_H +#include "nbtool_config.h" +#endif +#define _DIAGASSERT assert + +/* + * XXX Kludge until there is resolution regarding mem*() functions + * XXX in the kernel. + */ +#if defined(_KERNEL) || defined(_STANDALONE) +#define memcpy(s, d, l) bcopy((d), (s), (l)) +#endif + +#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) + +/* + * blk0() and blk() perform the initial expand. + * I got the idea of expanding during the round function from SSLeay + */ +#if BYTE_ORDER == LITTLE_ENDIAN +# define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \ + |(rol(block->l[i],8)&0x00FF00FF)) +#else +# define blk0(i) block->l[i] +#endif +#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \ + ^block->l[(i+2)&15]^block->l[i&15],1)) + +/* + * (R0+R1), R2, R3, R4 are the different operations (rounds) used in SHA1 + */ +#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30); +#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30); +#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30); +#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30); +#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30); + + +#if 0 +#if !defined(_KERNEL) && defined(__weak_alias) +__weak_alias(SHA1Transform,_SHA1Transform) +__weak_alias(SHA1Init,_SHA1Init) +__weak_alias(SHA1Update,_SHA1Update) +__weak_alias(SHA1Final,_SHA1Final) +#endif +#endif + +typedef union { + unsigned char c[64]; + unsigned int l[16]; +} CHAR64LONG16; + +/* old sparc64 gcc could not compile this */ +#undef SPARC64_GCC_WORKAROUND +#if defined(__sparc64__) && defined(__GNUC__) && __GNUC__ < 3 +#define SPARC64_GCC_WORKAROUND +#endif + +#ifdef SPARC64_GCC_WORKAROUND +void do_R01(uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d, uint32_t *e, CHAR64LONG16 *); +void do_R2(uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d, uint32_t *e, CHAR64LONG16 *); +void do_R3(uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d, uint32_t *e, CHAR64LONG16 *); +void do_R4(uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d, uint32_t *e, CHAR64LONG16 *); + +#define nR0(v,w,x,y,z,i) R0(*v,*w,*x,*y,*z,i) +#define nR1(v,w,x,y,z,i) R1(*v,*w,*x,*y,*z,i) +#define nR2(v,w,x,y,z,i) R2(*v,*w,*x,*y,*z,i) +#define nR3(v,w,x,y,z,i) R3(*v,*w,*x,*y,*z,i) +#define nR4(v,w,x,y,z,i) R4(*v,*w,*x,*y,*z,i) + +void +do_R01(uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d, uint32_t *e, CHAR64LONG16 *block) +{ + nR0(a,b,c,d,e, 0); nR0(e,a,b,c,d, 1); nR0(d,e,a,b,c, 2); nR0(c,d,e,a,b, 3); + nR0(b,c,d,e,a, 4); nR0(a,b,c,d,e, 5); nR0(e,a,b,c,d, 6); nR0(d,e,a,b,c, 7); + nR0(c,d,e,a,b, 8); nR0(b,c,d,e,a, 9); nR0(a,b,c,d,e,10); nR0(e,a,b,c,d,11); + nR0(d,e,a,b,c,12); nR0(c,d,e,a,b,13); nR0(b,c,d,e,a,14); nR0(a,b,c,d,e,15); + nR1(e,a,b,c,d,16); nR1(d,e,a,b,c,17); nR1(c,d,e,a,b,18); nR1(b,c,d,e,a,19); +} + +void +do_R2(uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d, uint32_t *e, CHAR64LONG16 *block) +{ + nR2(a,b,c,d,e,20); nR2(e,a,b,c,d,21); nR2(d,e,a,b,c,22); nR2(c,d,e,a,b,23); + nR2(b,c,d,e,a,24); nR2(a,b,c,d,e,25); nR2(e,a,b,c,d,26); nR2(d,e,a,b,c,27); + nR2(c,d,e,a,b,28); nR2(b,c,d,e,a,29); nR2(a,b,c,d,e,30); nR2(e,a,b,c,d,31); + nR2(d,e,a,b,c,32); nR2(c,d,e,a,b,33); nR2(b,c,d,e,a,34); nR2(a,b,c,d,e,35); + nR2(e,a,b,c,d,36); nR2(d,e,a,b,c,37); nR2(c,d,e,a,b,38); nR2(b,c,d,e,a,39); +} + +void +do_R3(uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d, uint32_t *e, CHAR64LONG16 *block) +{ + nR3(a,b,c,d,e,40); nR3(e,a,b,c,d,41); nR3(d,e,a,b,c,42); nR3(c,d,e,a,b,43); + nR3(b,c,d,e,a,44); nR3(a,b,c,d,e,45); nR3(e,a,b,c,d,46); nR3(d,e,a,b,c,47); + nR3(c,d,e,a,b,48); nR3(b,c,d,e,a,49); nR3(a,b,c,d,e,50); nR3(e,a,b,c,d,51); + nR3(d,e,a,b,c,52); nR3(c,d,e,a,b,53); nR3(b,c,d,e,a,54); nR3(a,b,c,d,e,55); + nR3(e,a,b,c,d,56); nR3(d,e,a,b,c,57); nR3(c,d,e,a,b,58); nR3(b,c,d,e,a,59); +} + +void +do_R4(uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d, uint32_t *e, CHAR64LONG16 *block) +{ + nR4(a,b,c,d,e,60); nR4(e,a,b,c,d,61); nR4(d,e,a,b,c,62); nR4(c,d,e,a,b,63); + nR4(b,c,d,e,a,64); nR4(a,b,c,d,e,65); nR4(e,a,b,c,d,66); nR4(d,e,a,b,c,67); + nR4(c,d,e,a,b,68); nR4(b,c,d,e,a,69); nR4(a,b,c,d,e,70); nR4(e,a,b,c,d,71); + nR4(d,e,a,b,c,72); nR4(c,d,e,a,b,73); nR4(b,c,d,e,a,74); nR4(a,b,c,d,e,75); + nR4(e,a,b,c,d,76); nR4(d,e,a,b,c,77); nR4(c,d,e,a,b,78); nR4(b,c,d,e,a,79); +} +#endif + +/* + * Hash a single 512-bit block. This is the core of the algorithm. + */ +void SHA1Transform(state, buffer) + uint32_t state[5]; + const unsigned char buffer[64]; +{ + uint32_t a, b, c, d, e; + CHAR64LONG16 *block; + +#ifdef SHA1HANDSOFF + CHAR64LONG16 workspace; +#endif + + _DIAGASSERT(buffer != 0); + _DIAGASSERT(state != 0); + +#ifdef SHA1HANDSOFF + block = &workspace; + (void)memcpy(block, buffer, 64); +#else + block = (CHAR64LONG16 *)(void *)buffer; +#endif + + /* Copy context->state[] to working vars */ + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + +#ifdef SPARC64_GCC_WORKAROUND + do_R01(&a, &b, &c, &d, &e, block); + do_R2(&a, &b, &c, &d, &e, block); + do_R3(&a, &b, &c, &d, &e, block); + do_R4(&a, &b, &c, &d, &e, block); +#else + /* 4 rounds of 20 operations each. Loop unrolled. */ + R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3); + R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7); + R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11); + R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15); + R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19); + R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23); + R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27); + R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31); + R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35); + R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39); + R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43); + R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47); + R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51); + R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55); + R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59); + R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63); + R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67); + R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71); + R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75); + R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79); +#endif + + /* Add the working vars back into context.state[] */ + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; + state[4] += e; + + /* Wipe variables */ + a = b = c = d = e = 0; +} + + +/* + * SHA1Init - Initialize new context + */ +void SHA1Init(context) + SHA1_CTX *context; +{ + + _DIAGASSERT(context != 0); + + /* SHA1 initialization constants */ + context->state[0] = 0x67452301; + context->state[1] = 0xEFCDAB89; + context->state[2] = 0x98BADCFE; + context->state[3] = 0x10325476; + context->state[4] = 0xC3D2E1F0; + context->count[0] = context->count[1] = 0; +} + + +/* + * Run your data through this. + */ +void SHA1Update(context, data, len) + SHA1_CTX *context; + const unsigned char *data; + unsigned int len; +{ + unsigned int i, j; + + _DIAGASSERT(context != 0); + _DIAGASSERT(data != 0); + + j = context->count[0]; + if ((context->count[0] += len << 3) < j) + context->count[1] += (len>>29)+1; + j = (j >> 3) & 63; + if ((j + len) > 63) { + (void)memcpy(&context->buffer[j], data, (i = 64-j)); + SHA1Transform(context->state, context->buffer); + for ( ; i + 63 < len; i += 64) + SHA1Transform(context->state, &data[i]); + j = 0; + } else { + i = 0; + } + (void)memcpy(&context->buffer[j], &data[i], len - i); +} + + +/* + * Add padding and return the message digest. + */ +void SHA1Final(digest, context) + unsigned char digest[20]; + SHA1_CTX* context; +{ + unsigned int i; + unsigned char finalcount[8]; + + _DIAGASSERT(digest != 0); + _DIAGASSERT(context != 0); + + for (i = 0; i < 8; i++) { + finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)] + >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */ + } + SHA1Update(context, (unsigned char *)"\200", 1); + while ((context->count[0] & 504) != 448) + SHA1Update(context, (unsigned char *)"\0", 1); + SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */ + + if (digest) { + for (i = 0; i < 20; i++) + digest[i] = (unsigned char) + ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255); + } +} + diff --git a/lib/libutil/sha1hl.c b/lib/libutil/sha1hl.c new file mode 100644 index 000000000..47c5db19f --- /dev/null +++ b/lib/libutil/sha1hl.c @@ -0,0 +1,113 @@ +/* $NetBSD: sha1hl.c,v 1.8 2008/10/06 12:36:20 joerg Exp $ */ + +/* sha1hl.c + * ---------------------------------------------------------------------------- + * "THE BEER-WARE LICENSE" (Revision 42): + * wrote this file. As long as you retain this notice you + * can do whatever you want with this stuff. If we meet some day, and you think + * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp + * ---------------------------------------------------------------------------- + */ + +#if 0 +#include "namespace.h" +#endif + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#define _DIAGASSERT assert + +#if HAVE_NBTOOL_CONFIG_H +#include "nbtool_config.h" +#endif + +#if defined(LIBC_SCCS) && !defined(lint) +__RCSID("$NetBSD: sha1hl.c,v 1.8 2008/10/06 12:36:20 joerg Exp $"); +#endif /* LIBC_SCCS and not lint */ + +#if 0 +#if defined(__weak_alias) +__weak_alias(SHA1End,_SHA1End) +__weak_alias(SHA1File,_SHA1File) +__weak_alias(SHA1Data,_SHA1Data) +#endif +#endif + +/* ARGSUSED */ +char * +SHA1End(ctx, buf) + SHA1_CTX *ctx; + char *buf; +{ + int i; + char *p = buf; + unsigned char digest[20]; + static const char hex[]="0123456789abcdef"; + + _DIAGASSERT(ctx != NULL); + /* buf may be NULL */ + + if (p == NULL && (p = malloc(41)) == NULL) + return 0; + + SHA1Final(digest,ctx); + for (i = 0; i < 20; i++) { + p[i + i] = hex[((uint32_t)digest[i]) >> 4]; + p[i + i + 1] = hex[digest[i] & 0x0f]; + } + p[i + i] = '\0'; + return(p); +} + +char * +SHA1File (filename, buf) + char *filename; + char *buf; +{ + unsigned char buffer[BUFSIZ]; + SHA1_CTX ctx; + int fd, num, oerrno; + + _DIAGASSERT(filename != NULL); + /* XXX: buf may be NULL ? */ + + SHA1Init(&ctx); + + if ((fd = open(filename,O_RDONLY)) < 0) + return(0); + + while ((num = read(fd, buffer, sizeof(buffer))) > 0) + SHA1Update(&ctx, buffer, (size_t)num); + + oerrno = errno; + close(fd); + errno = oerrno; + return(num < 0 ? 0 : SHA1End(&ctx, buf)); +} + +char * +SHA1Data (data, len, buf) + const unsigned char *data; + size_t len; + char *buf; +{ + SHA1_CTX ctx; + + _DIAGASSERT(data != NULL); + /* XXX: buf may be NULL ? */ + + SHA1Init(&ctx); + SHA1Update(&ctx, data, len); + return(SHA1End(&ctx, buf)); +} diff --git a/man/man3/sha1.3 b/man/man3/sha1.3 new file mode 100644 index 000000000..13ae14843 --- /dev/null +++ b/man/man3/sha1.3 @@ -0,0 +1,193 @@ +.\" $OpenBSD: sha1.3,v 1.37 2008/02/13 08:43:39 art Exp $ +.\" +.\" Copyright (c) 1997, 2004 Todd C. Miller +.\" +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.\" +.\" See http://csrc.nist.gov/publications/fips/fips180-1/fip180-1.txt +.\" for the detailed standard +.\" +.Dd $Mdocdate: February 13 2008 $ +.Dt SHA1 3 +.Os +.Sh NAME +.Nm SHA1Init , +.Nm SHA1Update , +.Nm SHA1Final , +.Nm SHA1Transform , +.Nm SHA1End , +.Nm SHA1File , +.Nm SHA1Data +.Nd calculate the NIST Secure Hash Algorithm +.Sh SYNOPSIS +.Fd #include +.Fd #include +.Ft void +.Fn SHA1Init "SHA1_CTX *context" +.Ft void +.Fn SHA1Update "SHA1_CTX *context" "const u_int8_t *data" "size_t len" +.Ft void +.Fn SHA1Final "u_int8_t digest[SHA1_DIGEST_LENGTH]" "SHA1_CTX *context" +.Ft void +.Fn SHA1Transform "u_int32_t state[5]" "const u_int8_t buffer[SHA1_BLOCK_LENGTH]" +.Ft "char *" +.Fn SHA1End "SHA1_CTX *context" "char *buf" +.Ft "char *" +.Fn SHA1File "const char *filename" "char *buf" +.Ft "char *" +.Fn SHA1Data "const u_int8_t *data" "size_t len" "char *buf" +.Sh DESCRIPTION +The SHA1 functions implement the NIST Secure Hash Algorithm (SHA-1), +FIPS PUB 180-1. +SHA-1 is used to generate a condensed representation +of a message called a message digest. +The algorithm takes a +message less than 2^64 bits as input and produces a 160-bit digest +suitable for use as a digital signature. +.Pp +The SHA1 functions are considered to be more secure than the +.Xr md4 3 +and +.Xr md5 3 +functions with which they share a similar interface. +.Pp +The +.Fn SHA1Init +function initializes a SHA1_CTX +.Ar context +for use with +.Fn SHA1Update , +and +.Fn SHA1Final . +The +.Fn SHA1Update +function adds +.Ar data +of length +.Ar len +to the SHA1_CTX specified by +.Ar context . +.Fn SHA1Final +is called when all data has been added via +.Fn SHA1Update +and stores a message digest in the +.Ar digest +parameter. +.Pp +The +.Fn SHA1Transform +function is used by +.Fn SHA1Update +to hash 512-bit blocks and forms the core of the algorithm. +Most programs should use the interface provided by +.Fn SHA1Init , +.Fn SHA1Update +and +.Fn SHA1Final +instead of calling +.Fn SHA1Transform +directly. +.Pp +The +.Fn SHA1End +function is a front end for +.Fn SHA1Final +which converts the digest into an +.Tn ASCII +representation of the 160 bit digest in hexadecimal. +.Pp +The +.Fn SHA1File +function calculates the digest for a file and returns the result via +.Fn SHA1End . +If +.Fn SHA1File +is unable to open the file a NULL pointer is returned. +.Pp +The +.Fn SHA1Data +function +calculates the digest of an arbitrary string and returns the result via +.Fn SHA1End . +.Pp +For each of the +.Fn SHA1End , +.Fn SHA1File , +and +.Fn SHA1Data +functions the +.Ar buf +parameter should either be a string of at least 41 characters in +size or a NULL pointer. +In the latter case, space will be dynamically allocated via +.Xr malloc 3 +and should be freed using +.Xr free 3 +when it is no longer needed. +.Sh EXAMPLES +The follow code fragment will calculate the digest for +the string "abc" which is ``0xa9993e364706816aba3e25717850c26c9cd0d89d''. +.Bd -literal -offset indent +SHA1_CTX sha; +u_int8_t results[SHA1_DIGEST_LENGTH]; +char *buf; +int n; + +buf = "abc"; +n = strlen(buf); +SHA1Init(&sha); +SHA1Update(&sha, (u_int8_t *)buf, n); +SHA1Final(results, &sha); + +/* Print the digest as one long hex value */ +printf("0x"); +for (n = 0; n < SHA1_DIGEST_LENGTH; n++) + printf("%02x", results[n]); +putchar('\en'); +.Ed +.Pp +Alternately, the helper functions could be used in the following way: +.Bd -literal -offset indent +u_int8_t output[SHA1_DIGEST_STRING_LENGTH]; +char *buf = "abc"; + +printf("0x%s\en", SHA1Data(buf, strlen(buf), output)); +.Ed +.Sh SEE ALSO +.Xr cksum 1 , +.Xr sha1 1 , +.Xr md4 3 , +.Xr md5 3 , +.Xr rmd160 3 , +.Xr sha2 3 +.Rs +.%A J. Burrows +.%T The Secure Hash Standard +.%O FIPS PUB 180-1 +.Re +.Rs +.%A D. Eastlake and P. Jones +.%T US Secure Hash Algorithm 1 +.%O RFC 3174 +.Re +.Sh HISTORY +The SHA-1 functions appeared in +.Ox 2.0 . +.Sh CAVEATS +This implementation of SHA-1 has not been validated by NIST +and as such is not in official compliance with the standard. +.Pp +If a message digest is to be copied to a multi-byte type (ie: +an array of five 32-bit integers) it will be necessary to +perform byte swapping on little endian machines such as the i386, alpha, +and vax.